mirror of
https://github.com/google/nomulus.git
synced 2025-05-15 17:07:15 +02:00
Switch to new Json credential provisioning
As part of credential consolidation, update the credential provisioing in StackDriver Module. This is the only module that will continue using Json-based credential. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=211878151
This commit is contained in:
parent
22e1d905b6
commit
be18f55640
3 changed files with 37 additions and 10 deletions
|
@ -9,6 +9,7 @@ java_library(
|
||||||
srcs = glob(["*.java"]),
|
srcs = glob(["*.java"]),
|
||||||
resources = glob(["files/*.yaml"]),
|
resources = glob(["files/*.yaml"]),
|
||||||
deps = [
|
deps = [
|
||||||
|
"//java/google/registry/keyring/api",
|
||||||
"//java/google/registry/util",
|
"//java/google/registry/util",
|
||||||
"@com_google_api_client",
|
"@com_google_api_client",
|
||||||
"@com_google_appengine_api_1_0_sdk",
|
"@com_google_appengine_api_1_0_sdk",
|
||||||
|
@ -18,6 +19,7 @@ java_library(
|
||||||
"@com_google_flogger",
|
"@com_google_flogger",
|
||||||
"@com_google_flogger_system_backend",
|
"@com_google_flogger_system_backend",
|
||||||
"@com_google_guava",
|
"@com_google_guava",
|
||||||
|
"@com_google_http_client",
|
||||||
"@javax_inject",
|
"@javax_inject",
|
||||||
"@joda_time",
|
"@joda_time",
|
||||||
"@org_joda_money",
|
"@org_joda_money",
|
||||||
|
|
|
@ -14,12 +14,19 @@
|
||||||
|
|
||||||
package google.registry.config;
|
package google.registry.config;
|
||||||
|
|
||||||
|
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||||
|
|
||||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||||
|
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
|
||||||
|
import com.google.api.client.googleapis.util.Utils;
|
||||||
import com.google.common.collect.ImmutableList;
|
import com.google.common.collect.ImmutableList;
|
||||||
import dagger.Module;
|
import dagger.Module;
|
||||||
import dagger.Provides;
|
import dagger.Provides;
|
||||||
import google.registry.config.RegistryConfig.Config;
|
import google.registry.config.RegistryConfig.Config;
|
||||||
|
import google.registry.keyring.api.KeyModule.Key;
|
||||||
|
import java.io.ByteArrayInputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.security.GeneralSecurityException;
|
||||||
import javax.inject.Qualifier;
|
import javax.inject.Qualifier;
|
||||||
import javax.inject.Singleton;
|
import javax.inject.Singleton;
|
||||||
|
|
||||||
|
@ -48,6 +55,30 @@ public abstract class CredentialModule {
|
||||||
return credential;
|
return credential;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Provides a {@link GoogleCredential} from the service account's JSON key file. */
|
||||||
|
@JsonCredential
|
||||||
|
@Provides
|
||||||
|
@Singleton
|
||||||
|
public static GoogleCredential provideJsonCredential(
|
||||||
|
@Config("credentialOauthScopes") ImmutableList<String> requiredScopes,
|
||||||
|
@Key("jsonCredential") String jsonCredential) {
|
||||||
|
GoogleCredential credential;
|
||||||
|
try {
|
||||||
|
credential =
|
||||||
|
GoogleCredential.fromStream(
|
||||||
|
new ByteArrayInputStream(jsonCredential.getBytes(UTF_8)),
|
||||||
|
// We cannot use UrlFetchTransport as that uses App Engine API.
|
||||||
|
GoogleNetHttpTransport.newTrustedTransport(),
|
||||||
|
Utils.getDefaultJsonFactory());
|
||||||
|
} catch (IOException | GeneralSecurityException e) {
|
||||||
|
throw new RuntimeException(e);
|
||||||
|
}
|
||||||
|
if (credential.createScopedRequired()) {
|
||||||
|
credential = credential.createScoped(requiredScopes);
|
||||||
|
}
|
||||||
|
return credential;
|
||||||
|
}
|
||||||
|
|
||||||
/** Dagger qualifier for the Application Default Credential. */
|
/** Dagger qualifier for the Application Default Credential. */
|
||||||
@Qualifier
|
@Qualifier
|
||||||
public @interface DefaultCredential {}
|
public @interface DefaultCredential {}
|
||||||
|
|
|
@ -15,10 +15,7 @@
|
||||||
package google.registry.monitoring.whitebox;
|
package google.registry.monitoring.whitebox;
|
||||||
|
|
||||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||||
import com.google.api.client.http.javanet.NetHttpTransport;
|
|
||||||
import com.google.api.client.json.JsonFactory;
|
|
||||||
import com.google.api.services.monitoring.v3.Monitoring;
|
import com.google.api.services.monitoring.v3.Monitoring;
|
||||||
import com.google.api.services.monitoring.v3.MonitoringScopes;
|
|
||||||
import com.google.api.services.monitoring.v3.model.MonitoredResource;
|
import com.google.api.services.monitoring.v3.model.MonitoredResource;
|
||||||
import com.google.appengine.api.modules.ModulesService;
|
import com.google.appengine.api.modules.ModulesService;
|
||||||
import com.google.common.collect.ImmutableMap;
|
import com.google.common.collect.ImmutableMap;
|
||||||
|
@ -28,9 +25,8 @@ import com.google.monitoring.metrics.MetricWriter;
|
||||||
import com.google.monitoring.metrics.stackdriver.StackdriverWriter;
|
import com.google.monitoring.metrics.stackdriver.StackdriverWriter;
|
||||||
import dagger.Module;
|
import dagger.Module;
|
||||||
import dagger.Provides;
|
import dagger.Provides;
|
||||||
|
import google.registry.config.CredentialModule.JsonCredential;
|
||||||
import google.registry.config.RegistryConfig.Config;
|
import google.registry.config.RegistryConfig.Config;
|
||||||
import java.util.Set;
|
|
||||||
import java.util.function.Function;
|
|
||||||
import org.joda.time.Duration;
|
import org.joda.time.Duration;
|
||||||
|
|
||||||
/** Dagger module for Google Stackdriver service connection objects. */
|
/** Dagger module for Google Stackdriver service connection objects. */
|
||||||
|
@ -43,11 +39,9 @@ public final class StackdriverModule {
|
||||||
|
|
||||||
@Provides
|
@Provides
|
||||||
static Monitoring provideMonitoring(
|
static Monitoring provideMonitoring(
|
||||||
NetHttpTransport transport,
|
@JsonCredential GoogleCredential credential, @Config("projectId") String projectId) {
|
||||||
JsonFactory jsonFactory,
|
return new Monitoring.Builder(
|
||||||
Function<Set<String>, GoogleCredential> credential,
|
credential.getTransport(), credential.getJsonFactory(), credential)
|
||||||
@Config("projectId") String projectId) {
|
|
||||||
return new Monitoring.Builder(transport, jsonFactory, credential.apply(MonitoringScopes.all()))
|
|
||||||
.setApplicationName(projectId)
|
.setApplicationName(projectId)
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue